low orbit ion cannon
LOW ORBIT ION CANNON (LOIC)
What is it? Origin of the name: a super weapon from the real-time strategy PC game “Command and Conquer: Tiberian Sun”
What is it?
Network stress testing application
Denial-of-Service attack application
Only 131 KB
Written in C# (later in JavaScript)
Developed initially by Praetox Technologies, then moved to the open source domain
O/S platforms: Windows, Linux, Mac OS X, Android
What is it? LOIC application interface
How does it work?
Performs a Denial-of-Service (DoS) attack, or a Distributed Denial-of-Service (DDoS) attack when used by multiple users, by flooding the server with Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) packets
Disrupts the service of a particular host
How does it work? What is TCP & UDP?
TCP - Reliability: TCP is a connection-oriented protocol. When a file or message is sent, it will get delivered unless the connection fails. If the connection is lost, the server will request the lost part. There is no corruption while transferring a message.
UDP - Reliability: UDP is a connectionless protocol. When you send data or a message, you don't know if it will get there; it could get lost on the way. There may be corruption while transferring a message.
TCP - Ordered: If you send two messages along a connection, one after the other, you know the first message will get there first. You don't have to worry about data arriving in the wrong order.
UDP - Unordered: If you send two messages out, you don't know what order they will arrive in.
How does it work? What is TCP & UDP? (cont’d)
TCP - Heavyweight: When the low-level parts of the TCP "stream" arrive in the wrong order, resend requests have to be sent and all the out-of-sequence parts have to be put back together, so it requires a bit of work to piece together.
UDP - Lightweight: No ordering of messages, no tracking of connections, etc. It's just fire and forget! This means it's a lot quicker, and the network card / OS have to do very little work to translate the data back from the packets.
TCP - Streaming: Data is read as a "stream," with nothing distinguishing where one packet ends and another begins. There may be multiple packets per read call.
UDP - Datagrams: Packets are sent individually and are guaranteed to be whole if they arrive. One packet per read call.
How does it work? What is TCP & UDP? (cont’d)
TCP - Examples: World Wide Web (Apache TCP port 80), e-mail (SMTP TCP port 25 Postfix MTA), File Transfer Protocol (FTP port 21) and Secure Shell (OpenSSH port 22) etc.
UDP - Examples: Domain Name System (DNS UDP port 53), streaming media applications such as IPTV or movies, Voice over IP (VoIP), Trivial File Transfer Protocol (TFTP) and online multiplayer games etc.
(http://www.cyberciti.biz/faq/key-differences-between-tcp-and-udp-protocols/)
(http://www.skullbox.net/tcpudp.php)
How does it work? Denial-of-Service
Denial-of-Service attack schematic
How does it work? Denial-of-Service
LOIC Denial-of-Service attack
How does it work? LOIC Denial-of-Service attack by flooding the server with TCP & UDP packets
How does it work? Weaponization
A network stress testing application, which should be used for testing network stress, is now being used as a “weapon” to flood the server with Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) packets
Who uses it?
An international network of internet activists who support “internet piracy” and “freedom of information”
Hacktivist entities
“The Anonymous”
When? Operation Payback is a Bitch (Sept-Nov 2010)
In retaliation for Bollywood companies' DDoS attacks on illegal content websites
Launched DDoS attacks
Opposed pro-copyright and anti-piracy organizations, firms and individuals on the internet
When? Operation Payback is a Bitch (Sept-Nov 2010) (cont’d)
Targets:
Motion Picture Association of America (MPAA), International Federation of the Phonographic Industry, Recording Industry Association of America (RIAA)
UK firm ACS:Law, Australian Federation Against Copyright Theft (AFACT), Associacao do Comercio Audiovisual de Portugal (ACAPOR)
When? Operation Avenge Assange (Dec 2010)
A reaction in support of Julian Assange’s WikiLeaks
Attacked corporations which stopped their support/donations to WikiLeaks
Amazon, PayPal, BankAmerica, PostFinance (Swiss), MasterCard, Visa
When? Operation Avenge Assange (Dec 2010) (cont’d)
Threatened British Government websites if Assange was extradited to Sweden
Where? LOIC works across the World Wide Web, but it works best in an unprotected network
Countermeasure: Firewall
To control/stop unwanted traffic
Countermeasure: Audit Trail/System Logs
To identify and track down the attacker(s)
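The two countermeasures above, combined in an added example that is not part of the original slides: a log audit that finds the sources flooding a host with TCP or UDP packets so they can be reviewed for firewall rules. The log line format, the addresses (documentation ranges), the one-second window and the threshold of 100 packets are all assumptions made for this sketch.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def parse(line):
    """Parse a constructed log line: '<ISO time> <src> <dst> <proto> <dport>'."""
    ts, src, dst, proto, dport = line.split()
    return datetime.fromisoformat(ts), src, dst, proto.upper(), int(dport)

def flood_sources(lines, window_s=1.0, threshold=100):
    """Return {(src, proto): peak} for sources whose packets to one destination
    port exceed `threshold` within any sliding window (time-ordered input)."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)  # (src, dst, proto, dport) -> timestamps in window
    peaks = defaultdict(int)
    for line in lines:
        try:
            ts, src, dst, proto, dport = parse(line)
        except ValueError:
            continue             # skip malformed lines instead of aborting the audit
        if proto not in ("TCP", "UDP"):
            continue
        q = recent[(src, dst, proto, dport)]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        peaks[(src, proto)] = max(peaks[(src, proto)], len(q))
    return {k: v for k, v in peaks.items() if v > threshold}

def firewall_candidates(flagged):
    """Sorted source addresses to review for rate-limit or deny rules."""
    return sorted({src for src, _ in flagged})

def sample_log():
    """Constructed sample: two flooding sources, one ordinary client, one bad line."""
    t0 = datetime(2024, 1, 1, 12, 0, 0)
    rows = [(t0 + timedelta(milliseconds=i), "203.0.113.50", "UDP") for i in range(500)]
    rows += [(t0 + timedelta(milliseconds=2 * i), "203.0.113.51", "TCP") for i in range(300)]
    rows += [(t0 + timedelta(seconds=i), "198.51.100.7", "TCP") for i in range(5)]
    rows.sort()
    return [f"{ts.isoformat()} {s} 192.0.2.10 {p} 80" for ts, s, p in rows] + ["garbage line"]

if __name__ == "__main__":
    flagged = flood_sources(sample_log())
    for (src, proto), peak in sorted(flagged.items()):
        print(f"{src} {proto} peak={peak} packets/s")
    print("review for firewall rules:", firewall_candidates(flagged))
```

UDP is connectionless, so a source address seen in a UDP flood can be spoofed; treat flagged UDP sources as leads to confirm against other logs before blocking.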
Please be cautious...
THANK YOU